CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. […]
Author Archives: [email protected]
A new ‘FakeUpdate’ campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie malware. […]
02
Oct
Oct
Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 27718 to the Canary Channel. We are releasing ISOs for this build – they can be downloaded here. We are also not planning to release SDKs for 27xxx series builds for the time being. Changes and Improvements [General] [REMINDER] Insider Preview Build Expiration: The […]
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig butchering, in which prospective victims are lured into making […]
Microsoft has released Office 2024 for small businesses and consumers who want a standalone version without a Microsoft 365 subscription. […]
02
Oct
Oct
Gmail Cards extract the essential information from bills, purchases, events, and travel emails in a glanceable and actionable format.
02
Oct
Oct
Learn more about Google’s new Pixel Buds Pro 2.
A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified as used by the Mustang Panda actor. “The
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. “A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, leading to a more_eggs backdoor […]
U.S. cybersecurity agency CISA is warning about two critical vulnerabilities that allow authentication bypass and remote code execution in Optigo Networks ONS-S8 Aggregation Switch products used in critical infrastructure. […]